Privacy Policy

Last Updated: 02/01/2023

Pivoting Owl Inc. (“Thena”) provides a solution for businesses to effortlessly track and manage their customers directly in Slack.

This Privacy Policy describes how Thena collects, uses, discloses and otherwise processes personal information in connection with our website and any other sites or services that link to this Privacy Policy (collectively, the “Services”), and explains the rights and choices available to individuals with respect to their information.

This Privacy Policy does not apply to personal information (including name, business email address, link to Slack profile picture, and Slack user metadata) that we process on behalf of our customers. We process this information as instructed by our customers, in our capacity as a service provider/data processor, in accordance with the terms of our Data Processing Addendum.
Personal Information We Collect
Information you provide to us:
Business contact details, such as your first and last name, email address, phone number, and mailing address.
Information we obtain from third parties. We may combine personal information we receive from you with personal information we obtain from other sources, such as data providers and social media platforms.

Automatic data collection. We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with our Services, our communications and other online services, such as:
Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 4G), and general location information such as city, state or geographic area.
Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.
We use the following tools for automatic data collection:
Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.

We use both persistent cookies and session cookies. Persistent cookies stay on your device for a set period of time or until you delete them, while session cookies are deleted once you close your web browser. We use persistent cookies, for example, to record your choice of language and country location. The cookies placed through your use of our website are either set by us (first-party cookies) or by a third party at our request (third-party cookies).

We use the following categories of cookies:

Essential. These cookies are necessary to allow the technical operation of our services (e.g., they enable you to move around on a website and to use its features).

Functionality / performance. We use these cookies to enhance the functionality and performance of the services.

Analytics. We use these cookies to help us understand how our services are performing and being used. These cookies may work with web beacons included in emails we send to track which emails are opened and which links are clicked by recipients.
Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
How We Use Personal Information
We use personal information for the following purposes or as otherwise described at the time of collection:

Providing and supporting our Services. We use personal information to operate, maintain, and provide you with our Services. In particular, we will use personal information to perform our contractual obligation under our terms of service, such as to allow you to use the Services.

Communicating with you about our Services. It is in our legitimate business interests to use personal information to respond to your requests, provide customer support, and communicate with you about our Services, including by sending announcements, updates, security alerts and support and administrative messages.

Improving, monitoring, personalizing, and protecting our Services. It is in our legitimate business interests to improve and keep our Services safe for our users, which includes:
troubleshooting, testing and research and to keep the Services secure; and
understanding your needs and interests, and personalize your experience with the Services and our communications;
troubleshooting, testing and research and to keep the Services secure; and
investigating and protecting against fraudulent, harmful, unauthorized or illegal activity.
Research and development. We may use personal information for research and development purposes in our legitimate business interests, including to analyze and improve the Services and our business. As part of these activities, we may create or use aggregated, de-identified or other anonymized data from personal information we collect. We make personal information into anonymized data by removing information that makes the data personally identifiable to you. We may use this anonymized data and share it with third parties for our lawful business purposes, including to analyze and improve the Services and promote our business. For example, we use anonymized traffic statistics from Google Analytics to recognize and count the number of visitors to the website and to see how visitors move around the website when they are using it to enable us to improve the way the website works.

Direct marketing. We may send you Thena-related direct marketing communications as permitted by law, including by email. Except where consent is required, we undertake such marketing on the basis of our legitimate business interest. You may opt-out of our marketing communications as described in the Opt out of marketing communications section below. Where we seek your consent, you may withdraw your consent at any time by contacting us using the details in the How to Contact Us section below.

Compliance and protection. We may use personal information to comply with legal obligations, and to defend us against legal claims or disputes, including to understanding your needs and interests, and personalize your experience with the Services and our communications; troubleshooting, testing and research and to keep the Services secure; and investigating and protecting against fraudulent, harmful, unauthorized or illegal activity.
protect our, your or others’ rights, privacy, safety or property (including by making and defendinglegal claims);
audit our internal processes for compliance with legal and contractual requirements and internalpolicies;
enforce the terms and conditions that govern the Services;
prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegalactivity, including cyberattacks and identity theft; and
comply with applicable laws, lawful requests and legal process, such as to respond to subpoenasor requests from government authorities.
How We Share Personal Information
We may share personal information with:

Service providers. We may share personal information with third party companies and individuals that provide services on our behalf or help us operate our Services (such as customer support, hosting, analytics, email delivery, marketing, identity verification, fraud detection, payment processing, and database management).

Professional advisors. We may disclose personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. We may share personal information with law enforcement, government authorities and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Your Choices

Opt out of marketing communications. Marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email or by contacting us at legal@thena.ai. You may continue to receive service-related and non-marketing emails.

Personal information requests. We also offer you choices that affect how we handle the personal information that we control. Depending on your location and the nature of your interactions with our services, you may request the following in relation to personal information:
Information about how we have collected and used personal information. We have made thisinformation available to you without having to request it by including it in this Privacy Policy.
Access to a copy of the personal information that we have collected about you. Where applicable,we will provide the information in a portable, machine-readable, readily usable format.
Correction of personal information that is inaccurate or out of date.
Deletion of personal information that we no longer need to provide the services or for other lawfulpurposes.
Additional rights, such as to object to and request that we restrict our use of personal information.
To make a request, please email us or write to us as provided in the How to Contact Us section below.We may ask for specific information from you to help us confirm your identity.

Right to complain. Depending on your location, you may have the right to lodge a complaint with yourlocal supervisory authority for data protection. Click here to find your local supervisory authority.

Limits on your choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the How to Contact Us section below.

Online tracking opt-out. There are a number of ways to opt out of having your online activity and device data collected through our Services, which we have summarized below:
Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit allaboutcookies.org.

Use the following links to learn more about how to control cookies and online tracking through your browser:
                   o Firefox; Chrome; Microsoft Edge; Safari
Using privacy plug-ins or browsers. You can block our Services from setting third-party cookiesby using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGo, Ghostery or uBlock Origin, and configuring them to block third partycookies/trackers.
Google Analytics. We use Google Analytics to help us better understand how people engage with our services by collecting information and creating reports about how users use our services. For more information on Google Analytics. For more information about Google’s privacy practices. You can opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout.
Note that because these opt-out mechanisms are specific to the device or browser on which they areexercised, you will need to opt out on every browser and device that you use.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the onlineservices that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out moreabout “Do Not Track,” please visit http://www.allaboutdnt.com.
Other Sites and Services
Our Services may contain links to other websites and other online services operated by third parties.These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or other online services that are not associated with us. We do not control websites or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and online services you use.

Security Practices

We use reasonable organizational, technical and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure.Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information.

Children

Our Services are not intended for use by children under 18 years of age. If we learn that we have collected personal information through the Services from a child under 18 without the consent of the child’s parent or guardian as required by law, we will delete it.

Job Applicants

When you visit the Careers portion of the website, we collect the information that you provide to us in connection with your job application. This includes business and personal contact information, professional credentials and skills, educational and work history, and other information of the type that may be included in a resume. This may also include diversity information that you voluntarily provide. We use this information on the basis of our legitimate business interests to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, to monitor recruitment statistics, and to respond to surveys. We may also use this information to provide improved administration of the services, and as otherwise necessary (a) to comply with relevant laws or to respond to subpoenas or warrants served on us; (b) to protect and defend our or others’ rights or property; (c) in connection with a legal investigation; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our terms of service.

International Data Transfers

You will provide personal information directly to our website in the United States. We may also transfer personal information to our affiliates and service providers in the United States and other jurisdictions.Please note that such jurisdictions may not provide the same protections as the data protection laws in your home country.When we engage in cross-border data transfers, we will ensure that relevant safeguards are in place to afford adequate protection for personal information and we will comply with applicable data protection laws, in particular by relying on an EU Commission or UK government adequacy decision or on contractual protections for the transfer of personal information. For more information about how we transfer personal information internationally, please contact us as set out in the How to Contact Us section below.
Retention of Personal Information
We retain personal information only for as long as is necessary to fulfil the purposes for which it was collected and processed, in accordance with our retention policies, and in accordance with applicable laws and regulatory obligations or until you withdraw your consent (where applicable).

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our Services.

How to Contact Us

Pivoting Owl Inc. is the entity responsible for the processing of our business contacts’ personal information (as a controller, where provided under applicable law).

Please direct any questions or comments about this Policy or privacy practices to legal@thena.ai. You may also write to us via postal mail at:

548 Market St
San Francisco, CA 94104
EU & UK Representative
EU:

Under Article 27 of the GDPR, we have appointed an EU Representative to act as our data protection agent.

Our nominated EU Representative is:

Instant EU GDPR Representative Ltd.
Adam Brogden
contact@gdprlocal.com
Tel +35315549700
INSTANT EU GDPR REPRESENTATIVE LTD
Office 2,12A Lower Main Street, Lucan Co. Dublin
K78 X5P8
Ireland

Our UK Representative:

Under Article 27 of the UK Data Privacy Act, we have appointed a UK Representative to act as our data protection agent.
Our nominated UK Representative is:

GDPR Local Ltd.
Adam Brogden contact@gdprlocal.com
Tel +44 1772 217800
1st Floor Front Suite27-29 North Street, Brighton
England
Customers first, growth always.
Request a demo